I have the following problem and am looking for possible solutions and/or suggestions on how to solve this.
Let's say I have a domain and I'd like a user to register on it first.If registered, & paid e.g., allow the user to create his own 'page' (once). - my.domain.com/user-1-pagename - my.domain.com/user-2-pagename
What would be the most reliable and secure way to do this?
As you would have to give a user write-access
- Let user create a subfolder under the root of the website(?) & How (security-wise)
- Easier with a Wordpress or Drupal setup to start from?
- ...
Thanks in advance!
It totally depends on what they would want to do with that page afterwards, if you are thinking of creating blog pages for different users then you have these options on WordPress, I'm sure there are tons of other options for many platforms out there:
https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/
https://wordpress.org/plugins/ultimate-member/
But if you are thinking of creating real low level sub-folders for your domain, it would need a lot more information about your host and it may need custom coding.
It could be achieved by OG Group module that will allow register and paid user to create OG NODE and path of the OG NODE at per your requirement (my.domain.com/user-1-pagename) using URL alias Path Auto module
Related
Can we disable exporting data from the user interface actions in Kentico Managing form data?
Regards,
SA
Try setting the ShowObjectMenu property of the UniGrid to false. Detailed documentation available here.
The UniGrid definition should be the one found in this file (can't verify it as I currently don't have access to a Kentico instance): CMSModules\BizForms\Controls\BizFormEditData.ascx
Not all objects, pages, etc have the permissions available/coded to allow this restriction that I'm aware of within the user interface. Take a look at the post I wrote on restricting download/export of anything out of Kentico.
Short story is you set the permissions at the IIS level on /CMS/CMSSiteUtils/Export directory to not allow the user running IIS app pool to access that directory. This directory is where all exports, no matter what, get sent to.
I have a working App built on Nodejs + Drywall + Openshift, sorry it's in Arabic. Basically, I am looking to improve on the service, but having a major roadblock. The site is a classifieds site and I need to optimize it for SEO, however, my links to ads are shown like this...
http://yobyobi.com/ads/show/55c9ff9dcf68970612ba2d38
55c9ff9dcf68970612ba2d38 is the Ad ID on my mongoDB, I do also have a record for the indicating the date and the title of Add combined "Sun-Nov-22-2015-8-pm-2007-camry-for-sale", the goal is to make the URL pretty and understandable by search engines. The end result I want to accomplish is one of the following:
yobyobi.com/ads/show/55c9ff9dcf68970612ba2d38/Sun-Nov-22-2015-8-pm-2007-camry-for-sale
yobyobi.com/ads/show/Sun-Nov-22-2015-8-pm-2007-camry-for-sale/55c9ff9dcf68970612ba2d38
yobyobi.com/ads/show/Sun-Nov-22-2015-8-pm-2007-camry-for-sale/
Now, option number 3 would be ideal, but would slow down my application if I have to search by Ad title instead of Ad ID. Similar to what Stackoverflow is doing (attached pic)
Stackoverflow example
Code
app.get('/ads/show/:id', require('./views/account/ads/index').read);
The above line returns the Ad for me with all the details including the title that I want to use, but the problem is that I cannot change the route URL after I receive the title.
I am not sure if this module would help in whatever I am trying to do it's called "named-routes"
Has anyone ran across this problem? If so can you share some insight on how to best tackle the problem?
Thanks in advance,
well, the solution was dead simple, do the following:
add * as a wild card like this
app.get('/ads/show/:id/*', require('./views/account/ads/index').read);
now when you create the links to the post, attach anything where the * is and it should show the same Ad without breaking the page.
Cheers
I am using Symfony 1.4, sfDoctrineGuardPlugin.
On my backend app, users can reach a page which they cannot actually by changing url manually. Is there any way to stop it?
Lets say, every author can just reach their own data normally. But if they change id on url they can edit which article they want. I searched on the internet but cannot find any solution for it? Do you know a way?
Thanks a lot.
By just hiding things that doesn't belong to a particular author you can't protect them from being edited or deleted.
Overload executeEdit/executeUpdate/executeDelete actions in your backend modules to avoid unauthorized management.
Something like:
public function executeEdit(sfWebRequest $request) {
...
$this->forward404Unless($this->article->belongsTo($me));
...
}
In addition, you can check for proper credentials. It's useful when you want to some user groups to access some special content, or content of another users.
Hope that helps.
you have to make a relation between article and authors. I presume there is already one, so the best approach is to override doSelect method in ArticlePeer to check with Author. Just add a criteria to select articles belongs to the current user.
i have been asked to make a marketing site.The concept provided is as follows-
There will be a parent site named www.game.com.It will have an admin.My client will create www.baseball.com,www.football.com,www.golf.com and so on.All these websites will have their own admin.
Now suppose a golf player named Jack comes to www.game.com admin and asks him to register himself.
My client is saying that www.game.com admin will be able to register that player under www.golf.com because he is a golf player and Jack will get a subdomain like www.golf.com/Jack
www.game.com/admin
www.baseball.com/admin www.football.com/admin www.golf.com/admin
How is it possible ? how should i approach?
What you are looking at doing is called URL rewriting. Check out this article for the basics of how it works.
http://en.wikipedia.org/wiki/Rewrite_engine
You will also find links to various methods for specific languages and platforms.
I want to develop a solution,not allow any user to delete document in library.
Can I do this client side?
Thanks
One option is to setup permissions so the user cannot delete items. If you need to do something programatically, there is an ItemDeleting even that fires (server side) whenever an item is being deleted that you could then implement any kind of custom logic your application rules require. More info on ItemDeleting from Wrox
John
You also could define a retention policy on the document library - if you go to settings you'll find the Information management policy settings - however I agree with John and I think managing permissions is the correct way to go.